Lucene search
PhpMyAdminPHPMYADMIN:PMASA-2005-8HistoryDec 05, 2005 - 12:00 a.m.
XSS vulnerabilities
2005-12-0500:00:00
www.phpmyadmin.net
9
0.015 Low
EPSS
Percentile
87.1%
PMASA-2005-8
Announcement-ID: PMASA-2005-8
Date: 2005-12-05
Summary
XSS vulnerabilities
Description
It was possible to conduct an XSS attack via the HTTP_HOST variable; also, some scripts in the libraries directory that handle header generation were vulnerable to XSS.
Severity
We consider these vulnerabilities to be serious.
Affected Versions
We did not make an extensive verification on this. Probably all previous versions are affected.
Solution
Upgrade to phpMyAdmin 2.7.0.
References
Assigned CVE ids: CVE-2005-3665
Patches
The following commits have been made to fix this issue:
More information
For further information and in case of questions, please contact the phpMyAdmin team. Our website is phpmyadmin.net.
Related
openvas
openvas
FreeBSD Ports: phpMyAdmin
2008-09-04 00:00:00
FreeBSD Ports: phpMyAdmin
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200512-03 (phpmyadmin)
2008-09-24 00:00:00
cve
cve
CVE-2005-3665
2005-12-08 11:03:00
CVE-2005-4070
2005-12-08 01:03:00
cvelist
cvelist
CVE-2005-3665
2005-12-08 11:00:00
ubuntucve
ubuntucve
CVE-2005-3665
2005-12-08 00:00:00
nessus
nessus
FreeBSD : phpmyadmin -- XSS vulnerabilities (59ada6e5-676a-11da-99f6-00123ffe8333)
2006-05-13 00:00:00
GLSA-200512-03 : phpMyAdmin: Multiple vulnerabilities
2005-12-15 00:00:00
SUSE-SA:2006:004: phpMyAdmin
2006-01-29 00:00:00
debiancve
debiancve
CVE-2005-3665
2005-12-08 11:03:00
freebsd
freebsd
phpmyadmin -- XSS vulnerabilities
2005-12-05 00:00:00
gentoo
gentoo
phpMyAdmin: Multiple vulnerabilities
2005-12-11 00:00:00
debian
debian
[SECURITY] [DSA 1207-1] New phpmyadmin packages fix several vulnerabilities
2006-11-09 00:00:00
[SECURITY] [DSA 1207-2] New phpmyadmin packages fix regression
2006-11-19 00:00:00
osv
osv
phpmyadmin
2006-11-09 00:00:00
suse
suse
remote code execution in phpMyAdmin
2006-01-26 13:53:52